Bypassing EmiSoft Advanced Antimalware

[erreale 4]

Also other software are bypassed using the same technique

 

Youtube video from Black Cipher Security

 

 

[Guest Tempus]

Thanks for the link " erreale ", and now is my paranoia totally refueled

[Fabian Wosar 390]

If you are concerned about PowerShell: Uninstall it. Most people don't need it anyway. It's one less infection vector to worry about.

[Guest Tempus]

45 minutes ago, Fabian Wosar said:

If you are concerned about PowerShell: Uninstall it. Most people don't need it anyway. It's one less infection vector to worry about.

I don't know what to think about regarding your answer. Yes it is always a sensible strategy to minimise the amount of vectors that can be used by others. But with all due respect you do not answer the OP, how it can be that Emsisoft behaviour blocker doesn't catch or reacts regarding the attack. 

[Fabian Wosar 390]

OP didn't even post a question, so how and what exactly should I answer to? It's just another "next-gen" AV reseller that creates little videos to scare everyone to jump onto the next-gen train and increase their profit. We never cared for POC malware. Lots of things are possible and if anyone cared to, they could produce dozens, maybe even hundreds of bypass videos every day for every single product out there.

[Guest Tempus]

48 minutes ago, Fabian Wosar said:

OP didn't even post a question, so how and what exactly should I answer to? It's just another "next-gen" AV reseller that creates little videos to scare everyone to jump onto the next-gen train and increase their profit. We never cared for POC malware. Lots of things are possible and if anyone cared to, they could produce dozens, maybe even hundreds of bypass videos every day for every single product out there.

hmm well ok then........

[HazBeen 2]

I've never used Powershell, so I'll happily remove it after learning Powershell creates a vulnerability.

Thanks, Fabian !